Senior Security Specialist – Compliance
San Jose
hace 5 días

People make Sage great. From our colleagues delivering ground-breaking solutions to the customers who use them : people have helped us grow for more than thirty years, and people are driving our future as a great SaaS company.

We're writing our next chapter. Be part of it!

At Sage, we recognize that the world of work has rapidly shifted over the last few years, particularly how we work. That is why we have committed to working in a hybrid way going forward.

Human connection is an essential ingredient of the 4 principles that make up our Flexible Human Work hybrid framework and we want to be transparent in what that looks like when you join our Sage family.

On one hand, our offices will continue to play an important role in our future and serve as a place for spontaneous conversations, connection, collaboration as well as focused time.

On the other hand, we have learned to reimagine where and when we work and to unlock that flexibility and innovation for our colleagues offering them the opportunity to work flex across their home, Sage offices or customer sites.

We invite you to join us and help us write our next chapter. Follow us on our social media sites to join in conversations about open positions and company news! #lifeatsage #sagecareers.

If you would like support with your application (or require any adjustments) please contact us at for assistance. All qualified applicants will be thoughtfully considered and never discriminated against based on their race, color, age, religion, sexual orientation, gender identity, national origin, disability or veteran status.

EOE AA / M / F / Vet / Disability Sage Software is an Equal Opportunity Employer. We comply with the laws set forth in the Equal Employment Opportunity in The Law poster :

Job Description

We are looking for a person with a strategic mindset, and excellent stakeholder management skills, who can help us to define and deliver a compelling approach to security governance, risk and compliance (GRC).

As part of the Information Security Compliance team, you will be working under the guidance of a new Director of Security GRC, and together you will drive transformational change in how we manage security risks across our regions, business functions and associated Sage products.

You likely don’t think of yourself as a security traditionalist. You understand what underpins a successful GRC approach but you’re looking for an opportunity to rip up the playbook and take a new and more radical approach.

You will be passionate about using your influence to reach data-driven decisions and enable measurement of success against Sage’s Cyber Security Strategy.

Motivated by challenging the status quo, you will have the business knowledge to change the way work is performed. You will build strong relationships across the security function and strengthen connections to the wider business, delivering the highest standard of support to Sage’s business functions.

Currently the Global Information Security team is embarking on a new journey to build and embed new threat-based risk assessments processes for global and regional initiatives whilst also elevating cyber security within the business.

You are part of the compliance function of Global Security, responsible for the new and bold security strategy and representing Global Security for their respective regions and meeting the demand from multiple compliance needs across the business (including, but not limited to SOC2, ISO 27001 and PCI-DSS).

Key Responsibilities

  • Act as a local point of contact and representative of security for business functions, in the North America regions, building relationships with and win the confidence of senior stakeholders across the Group.
  • Lead the delivery of risk-based security compliance initiatives for key Sage Products.
  • Contribute to the management of Security Standards and Policy frameworks as well as a Cyber Security Training & Awareness Programmer.
  • Provide local management and guidance of the North America Compliance Programs, SOC-1, SOC-2, PCI DSS, ISO 27001.
  • Suggest and positively impact the scope, coverage, performance of the North America Compliance Programs.
  • Co-ordinate compliance programs with both Internal stakeholders, and external auditors.
  • Maintain a good awareness of the changing threat landscape by participating in and sometimes contributing to relevant security groups, forums, or conferences
  • Strive to find innovations in the ways that we support the demands of our customers and new prospects.
  • Support the Info-Sec concerns and issues of our local and growing Customer base in North America.
  • Identify security risks and influence changes to business processes.
  • Positively impact the other Information Security teams and support them in their needs.
  • Do you love where you work? WE do!

    Who is Sage?

    How we make a difference :

    Champion of Business Builders :

    Life at Sage :

    Our comprehensive total rewards program included :

  • Extended health, dental and vision coverage
  • On-going training and professional development
  • 21 days paid time off from the start
  • Paid 5 days to volunteer through our Sage Foundation
  • Matching Retirement contributions
  • And, so much more
  • Reportar esta oferta

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
    Formulario de postulación